Collaborate Disseminate
MITRE ATT&CK stands for MITRE Adversarial Tactics, Techniques and Common Knowledge. Itβs a curated knowledge base of adversarial behavior based on real-world observation of APT campaigns. The original impetus for the project was to answer the quest… Continue reading 5 Things to Do with MITRE ATT&CK β Tips and Tricks Special
A number of high-profile data breaches have resulted directly from misconfigured permissions or unpatched vulnerabilities. For instance, the 2017 Equifax breach was the result of exploiting an unpatched flaw in Apache Struts allowing remote code execut… Continue reading Shared Responsibility and Configuration Management in the Cloud: SecTor 2020
Not all attackers are trying to exfiltrate data. In security, we’re all familiar with CIA triad—confidentiality, availability, and integrity. While Exfiltration describes adversarial behavior with the goal of violating confidentiality, atta… Continue reading The MITRE ATT&CK Framework: Impact
On January 7th, MITRE released ATT&CK for Industrial Control Systems, a taxonomy of real-world cyber adversarial behavior targeting ICS or industrial control systems. These systems operate critical infrastructure in manufacturing and utility indust… Continue reading Introducing the New MITRE ATT&CK Framework for Industrial Control Systems
MITRE’s ATT&CK framework is ever evolving. The latest October update extends enterprise coverage to the cloud and adds a considerable list of cloud-specific adversarial techniques. The cloud has seen phenomenal growth over the past few years,… Continue reading MITRE ATT&CK October Update: Extending to the Cloud
On the last day of July, MITRE released its most recent update to the ATT&CK framework. Compared to the April 2019 update, which saw a new tactic with 14 new Techniques, the July 2019 update is relatively small and centers around restructuring Miti… Continue reading MITRE ATT&CK July 2019 Update
In Part I, I described some structural problems in MITRE’s ATT&CK adversarial behavior framework. We looked at a couple of examples of techniques that vary greatly in terms of abstraction as well as techniques that ought to be classified as p… Continue reading ATT&CK Structure Part II: From Taxonomy to Ontology
Following last year’s exceedingly successful inaugural MITRE ATT&CK™ conference, this year’s highly anticipated ATT&CKcon 2.0 conference will be held from Oct 28-30 at MITRE’s McLean headquarters. MITRE’s always op… Continue reading ATT&CK Structure Part I: A Taxonomy of Adversarial Behavior
MITRE has released an April 2019 update to its ATT&CK framework. It’s been a year since the last major update featuring a new tactic. There are a number of changes for this year: the most major being the addition of a 12th Tactic, Impact, whi… Continue reading MITRE ATT&CK April 2019 Update
MITRE Corporation’s ATT&CK framework is a living, curated repository of adversarial tactics and techniques based on observations from actual attacks on enterprise networks. It’s a valuable trove of information for security analysts, thr… Continue reading How to Evade Detection: Hiding in the Registry